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DETAILED ACTION 

1 . The response of 8/22/2006 was received and considered. 

2. Claims 1-29 are pending. 

3. Claims 4-5, 8-9, 18-19, 22-23 & 26-27 are withdrawn and therefore, claims 1-3, 6-7, 10- 
17, 20-21, 24-25 & 28-29 are examined herein. See attached interview summary for explanation 
of claims 26-27 being withdrawn. 

4. Claims 6-7 & 20-21 are objected to. 

5. Claim 28 is allowed. 

6. Claims 1-3, 10-17, 24-25 & 29 are rejected. 

Election/Restrictions 

7. Claims 4-5, 8-9, 1 8-1 9 & 22-23 are withdrawn from further consideration pursuant to 37 
CFR 1.142(b) as being drawn to a nonelected species, there being no allowable generic or 
linking claim. Further, as per the interview summary attached to this office action, claims 26-27 
are withdrawn as belonging to a non-elected species. Election was made without traverse in the 
reply filed on 8/22/2006 and confirmed on 10/27/2006. Because applicant did not distinctly and 
specifically point out any supposed errors in the restriction requirement, the election has been 
treated as an election without traverse (MPEP § 8 1 8.03(a)). 



Response to Arguments 
8. Applicant's arguments filed 5/30/2006 have been fully considered but they are not 
persuasive. 
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9. Applicant's response (p. 1 1, 1|2) argue that because Ginter mentions that "an office 210 
may . . . permit only specified employees and/or groups to access certain information", Ginter 
purposely chose that an authentication would not be performed. Applicant's response argues that 
there is no motivation to combine the teachings of Moreh and Ginter, in order to create a feature 
that Ginter appears to have rejected. However, it is first noted that Ginter not only envisions 
including in the permissions a group of users to allow access, but also or alternatively, single 
users (col. 165, lines 55-64). This is done because the PPE implementing the virtual distribution 
environment will enforce the permissions and only allow access of a user to a particular object 
whose name is in the access control list for the particular object. Further, Moreh teaches that a 
system where messages are accompanied by an access control list (Fig. 6, #84 & col. 9, lines 31- 
60). A user is authenticated to provide security for the messages (col. 4, line 66 - col. 5, line 7), 
where the authentication is based on certificates identified in the list (col. 7, lines 39-47 & col. 9, 
lines 58-60). It is clear from the Moreh reference that one having ordinary skill in the art would 
have been motivated to modify Ginter to authenticate the user based on a digital certificate, as 
taught by Moreh. The motivation provided by Moreh is to provide greater security, i.e. rather 
than blindly admitting a user, the user must present a certificate to first authenticate the user (as 
is known in the art to ensure the user is who he/she claims to be). 

10. Applicant's response (p. 1 1) argues that Ginter fails to teach performing such 
authentication "even after specifically envisioning setting up a group of permitted users and 
applicant argues that "one skilled in the art reading Ginter would understand that not performing 
such authentication was a purposeful choice". However, lack of disclosure of a limitation does 
not in any way suggest that there is a teaching away from a limitation. In such a view, nothing 
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would ever be obvious over a given reference. Further, applicant argues that Ginter teaches 
away from Moreh because the feature of authenticating the user based on the certificate is a 
"feature that Ginter appears to have rejected". However, no evidence is given that Ginter has 
rejected this feature. Again, simply because Ginter has not disclosed this feature does not mean 
that the feature has been rejected. 

1 1 . Applicant's response (p. 1 1) requests that the Examiner point to specific portions of 

Ginter that provide the requisite motivation. However, no requirement exists that the Ginter 

reference provide motivation. The MPEP §2143.01 states: 

"There are three possible sources for a motivation to combine references: the nature of 
the problem to be solved, the teachings of the prior art, and the knowledge of persons of 
ordinary skill in the art. 1 * In re Rouffet, 149 F.3d 1350, 1357, 47 USPQ2d 1453, 1457-58 
(Fed. Cir. 1998) (The combination of the references taught every element of the claimed 
invention, however without a motivation to combine, a rejection based on a prima facie 
case of obvious was held improper.). 

Obviousness can only be established by combining or modifying the teachings of the 
prior art to produce the claimed invention where there is some teaching, suggestion, or 
motivation to do so found either explicitly or implicitly in the references themselves or in 
the knowledge generally available to one of ordinary skill in the art. "The test for an 
implicit showing is what the combined teachings, knowledge of one of ordinary skill in 
the art, and the nature of the problem to be solved as a whole would have suggested to 
those of ordinary skill in the art." In re Kotzab, 217 F.3d 1365, 1370, 55 USPQ2d 1313, 
1317 (Fed. Cir. 2000). 

Therefore, the Examiner directs applicant to the above-stated motivation in Moreh for 
authenticating Ginter 5 s user in accordance with an identified certificate. 

12. Further, the Khidekel reference is applied. Khidekel is cited for teaching identification 
certificates and the benefits of using identification certificates over standard public key 



certificates. 
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Specification 

13. The title of the invention is not descriptive. A new title is required that is clearly 
indicative of the invention to which the claims are directed. 

The following title is suggested: CONTENT DISTRIBUTION SYSTEM 
AUTHENTICATING A USER BASED ON AN IDENTIFICATION CERTIFICATE 
IDENTIFIED IN A SECURE CONTAINER. 

Claim Objections 

14. Claims 2-3, 6-7, 10-14, 16-17, 20-21 & 24-25 are objected to because of the following 
informalities: In each claim, the claim refers to "Claim. X"; these should be replaced with 
"Claim X" without the "." after the word "Claim". Appropriate correction is required. 

Claim Rejections - 35 USC §101 

15. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

16. Claim 29 is rejected under 35 U.S.C. 101 because the claimed invention is directed to 
non-statutory subject matter.. 

a. Regarding claim 29, the claim is directed to a medium, which according to the 
specification, p. 1 6, could be a transmission medium such as a network. Such a 
transmission medium, as opposed to the storage medium also disclosed on p. 16, Tf3, does 
not fall within one of the statutory classes of invention. This claim could fall within one 
of the statutory classes if amended to clarify that the medium is a storage medium. 
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b. Regarding claim 29, even if the medium of the claim was a storage medium, there 
still appears to be no functional interrelationship between the medium and the user 
device. This could be overcome by clarifying that the computer program comprises 
instructions that are executed by a processor on the user device. While instructions are 
not disclosed explicitly in the specification, one of ordinary skill in the art understands 
that a computer program is a series of at least one instruction that is executed on a 
processor. 

Claim Rejections - 35 USC § 112 

17. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

1 8. Claims 29 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

c. Regarding claim 29, it is unclear how a program can comprise method steps. 
However, this rejection could be overcome by clarifying that the program comprises 
instructions which when executed on a processor of the user device, perform the steps 
that following in the claim. While instructions are not disclosed explicitly in the 
specification, one of ordinary skill in the art understands that a computer program is a 
series of at least one instruction that is executed on a processor. 



Claim Rejections - 35 USC § 103 
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19. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

20. Claims 1-3, 10, 12, 15, 26 & 29, are rejected under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent 5,892,900 to Ginter et al. (Ginter) in view of U.S. Patent 
6,158,007 to Moreh et al. (Moreh) and U.S. Patent 6,636,975 to Khidekel et al. (Khidekel). 

Regarding claims 1-2, 10, 12, 15-16, 24, 26 & 29, Ginter discloses a certificate issued by 
an identification authority/trustworthy entity (col. 210, lines 31-45), container 
information/container in which a content transaction condition/use rights (col. 55, lines 1-1 1) is 
set including an identification certificate identifier list/specified employee (col. 55, lines 21-23) 
associated with said certificate (col. 212, lines 1-16), a content key for enciphering a content 
(col. 223, lines 5-1 1), a secure container (col. 59, lines 8-15 & col. 134, lines 29-58) including 
the content enciphered with the content key and said container information (col. 59, lines 8-47), a 
content distributor for distributing the content by moving said secure container (Fig. 2, #102 & 
106), at least one user device/SPU for transacting the content with said content distributor (col. 
60, lines 7-16), whereby user authentication is performed (col. 212, lines 1-16). Ginter is silent 
regarding authentication being performed in accordance with an identification certificate 
identified on the basis of the identification certificate identifier list when said secure container is 
moved, so that the content usable on said user device is distributed with content transaction 
managed. However, Khidekel is cited for teaching identification certificates (col. 3, lines 50-54), 
where the certificate is created by a trusted entity/certificate authority (col. 3, lines 50-54) and 
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contains a template serving as identification data/authentication information serving as 
identification data of a user (col. 4, lines 15-18) receiving a content (col. 6, lines 4-5), said 
template including at least one piece of personal biotic information/fingerprint (col. 4, line 63) 
and non-biotic information/identification information (col. 5, line 1). Therefore, it would have 
been obvious to one having ordinary skill in the art at the time the invention was made to modify 
Ginter to employ an identification certificate and the procedure to authenticate a user based on it, 
as described by Khidekel. One of ordinary skill in the art would have been motivated to perform 
such a modification to alleviate the problems with standard certificates, as taught by Khidekel 
(col. 2, lines 1-3, col. 3, lines 50-54, col. 4, lines 15-18, col. 5, line 1 & col, 6, lines 4-5). 
Further, Moreh discloses messages accompanied with a list/access control list (Fig. 6, #84 & col. 
9, lines 3 1-60), where authentication of a user is performed based on certificates identified in the 
list (col. 7, lines 39-47 & col. 9, lines 58-60) to provide security for messages between users on a 
computer network (col. 4, line 66 - col. 5, line 7). Therefore, it would have been obvious to one 
having ordinary skill in the art at the time the invention was made to modify Ginter to explicitly 
authenticate the user identified in the rights condition using the user's identification certificate. 
One of ordinary skill in the art would have been motivated to perform such a modification to 
provide additional security for Ginter' s secure containers transferred between users on a 
computer network, as taught by Moreh (Fig. 6, #84, col. 4, line 66 - col. 5, line 7, col. 7, lines 
39-47 & col. 9, lines 31-60, col. 7, lines 39-47). While claim 29 is rejected under similar 
rationale as the other independent claims, it should be noted that claim 29 is broader in scope and 
one having ordinary skill in the art will be able to see how the rejection of, for example claim 1, 
also applies to claim 29. 
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Regarding claims 3 & 17, Ginter discloses the container information including data in 
which the condition of secondary distribution is set (col. 59, lines 42-48). 

21 . Claims 1 1 & 25 are rejected under 35 U.S.C. 103(a) as being unpatentable over Ginter, 
Moreh & Khidekel, as applied to claims 1 & 15 above, in further view of "IBM Cryptolopes, 
SuperDistribution and Digital Rights Management" by Kaplan. Ginter lacks explicitly storing a 
signature. However, Kaplan discloses that including a signature in a cryptographic container 
allows the user to authenticate its contents (p. 5, 1f2-3). Therefore, it would have been obvious to 
one having ordinary skill in the art at the time the invention was made to modify Ginter to 
include a signature in the container. One of ordinary skill in the art would have been motivated 
to perform such a modification to authenticate its contents, as taught by Kaplan (p. 5, 1f2-3). 

22. Claim 13 is rejected under 35 U.S.C. 103(a) as being unpatentable over Ginter, Moreh 
& Khidekel, as applied to claim 1 above, in further view of U.S. Patent 5,949,877 to Traw et al. 
(Traw). Ginter, as modified above, lacks user devices authenticating one another when data are 
transmitted between them, and a data-transmitting user device generating a digital signature to 
data to be transmitted and a data-receiving user device verifying the digital signature. However, 
Traw teaches that to protect content from copying or misuse (col. 1, lines 40-48), each device 
authenticates the other devices (col. 6, lines 63-65) by generating a digital signature which is to 
be verified by the receiving device (col. 7, lines 5-35). Therefore, it would have been obvious to 
one having ordinary skill in the art at the time the invention was made to modify Ginter to 
include user devices authenticating one another when data are transmitted between them, and a 
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data-transmitting user device generating a digital signature to data to be transmitted and a data- 
receiving user device verifying the digital signature. One of ordinary skill in the art would have 
been motivated to perform such a modification to protect content from copying or misuse, as 
taught by Traw (col. 1, lines 40-48, col. 6, lines 63-65 & col. 7, lines 5-35). 

23. Claim 14 is rejected under 35 U.S.C. 103(a) as being unpatentable over Ginter, Moreh 
3c Khidekel, as applied to claim 1 above, in further view of U.S. Patent 5,534,855 to Shockley et 
al. (Shockley). Ginter, as best understood, lacks the template/certificate including at least one 
piece of information selected from among personal biotic information including fingerprint 
information, retina pattern information, iris pattern information, voice print information, and 
handwriting information and a non-biotic information including a seal, a passport, a drivers 
license, and a identification card or any combination of the biotic and non-biotic information and 
a password. However, Shockley teaches that to guard against probing and user penetration, 
computer systems authenticate the identity of a user with biometrics (col. 1, lines 40-48), which 
are integrity locked into a certificate along with, for example, the user's public key (col. 5, lines 
48-58). Therefore, it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to modify Ginter to include biotic data into the certificate (from Moreh). 
One of ordinary skill in the art would have been motivated to perform such a modification to 
guard against probing and user penetration by authenticating the identity of a user with 
biometrics, as taught by Shockley (col. 1, lines 40-48 & col. 5, lines 48-58). 



Allowable Subject Matter 
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24. Claim 28 is allowed. 

25. Claims 6-7 & 20-21 are objected to as being dependent upon a rejected base claim, but 
would be allowable if rewritten in independent form including all of the limitations of the base 
claim and any intervening claims. 

d. Regarding claims 6-7 & 20-21 5 the prior art relied upon fails to teach or suggest 
wherein said user device receiving said secure container authenticates a user thereof by 
comparing the template contained in the identification certificate identified on the basis 
of the identification certificate identifier list with sampling information input by the user 
and subsequently informing the service provider of the user authentication result, in 
combination with the other elements of the claims. 

e. Regarding claim 28, the prior art relied upon fails to teach or suggest an 
information processing apparatus for receiving content by moving a secure container, 
comprising a section for performing user authentication through comparing the template 
contained in the identification certificated identified on the basis of the identification 
certificate identifier list with sampling information input by a user thereof and a section 
for informing a secure container distributor of the user authentication, in combination 
with the other elements of the claim. 

Double Patenting 

26. The nonstatutory double patenting rejection is based on a judicially created doctrine 
grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or 
improper timewise extension of the "right to exclude" granted by a patent and to prevent possible 
harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection 
is appropriate where the conflicting claims are not identical, but at least one examined 
application claim is not patentably distinct from the reference claim(s) because the examined 
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application claim is either anticipated by, or would have been obvious over, the reference 
claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re 
Goodman, 1 1 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re LongU 759 F.2d 887, 225 
USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re 
Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 
USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may 
be used to overcome an actual or provisional rejection based on a nonstatutory double patenting 
ground provided the conflicting application or patent either is shown to be commonly owned 
with this application, or claims an invention made as a result of activities undertaken within the 
scope of a joint research agreement. 

Effective January 1, 1994, a registered attorney or agent of record may sign a terminal 
disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 
3.73(b). 

27. Claims 1 , 1 5, 28 & 29 are provisionally rejected on the ground of nonstatutory 
obviousness-type double patenting as being unpatentable over claims 1, 19, 28 & 30, 
respectively, of copending Application No. 09/943,773. The correspondence between claim 1 of 
the instant application and claim 1 of the '773 application are discussed below. The 
correspondence between the other claims listed above are believed to be analogous and as such 
are not explicitly discussed for brevity. Although the conflicting claims are not identical, they 
are not patentably distinct from each other because the '773 application recites an identification 
certificate issued (IDC in the c 773 application) containing a template serving as identification 
data of a user receiving a content, said template including at least one piece of personal biotic or 
personal non-biotic (personal identification data) information, containing information in which a 
content transaction condition is set including an identification certificate identifier list (IDC 
identifier list) associated with said identification certificate (wherein the container . . .), a content 
key for enciphering content (second limitation), a secure containing including the content 
enciphered with the content key and said container information (second limitation), a content 
distributor (secure container distributor device) for distributing the content, at least one user 



Application/Control Number: 09/945,273 Page 1 3 

Art Unit: 2134 

device for transacting the content with said content distributor (first limitation), whereby user 
authentication is performed in accordance with the identification certificate identified on the 
basis of the identification certificate identifier list when said secure container is moved, so that 
the content usable on said user device is distributed with the content transaction managed (last 
two limitations). The c 773 application lacks the content being moved, however, this is obvious 
to allow the actual transferal of ownership, as is well known in the art. Further, the 6 773 lacks 
the certificate issued by an authority. However, this is well known in the art to establish trust 
and hence is an obvious variation. 

This is a provisional obviousness-type double patenting rejection because the conflicting 
claims have not in fact been patented. 

Conclusion 

28. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Michael J. Simitoski whose telephone number is (571) 272-3841. 
The examiner can normally be reached on Monday - Thursday, 6:45 a.m. - 4:15 p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



MJS 




October 27, 2006 
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SUPERVISORY PATENT EXAMINER 
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